Welcome to the Virus Encyclopedia of Panda Security.
It obtains confidential data from the affected computer and prevents users from accesing websites belonging to certain antivirus companies.
|First detected on:||April 26, 2006|
|Detection updated on:||April 26, 2006|
|Yes, using TruPrevent Technologies
Briz.F is a password stealer type Trojan that consists of several components that are consecutively downloaded from the Internet. Such components carry out the following actions:
- Stop and disable the services Windows Security Center and Internet Connection Sharing (Windows XP firewall).
- Obtain information from the computer, such as IP address, name, geographic area, etc.
- Prevent users and installed programs from accessing certain websites, which belong to several antivirus companies.
- Monitor if the user accesses web addresses, which belong to certain banking entities.
- Redirect such websites to a certain web server, which hosts web pages that imitate the original ones. By doing this, it could be able to obtain confidential information, such as username and password.
- Harvest paswords and other data stored in Protected Storage, as well as the email clients Outlook, Eudora and The Bat.
Briz.F does not spread automatically using its own means. It needs an attacking user's intervention in order to reach the affected computer.
Briz.F is difficult to recognize, as it does not display any messages or warnings that indicate it has reached the computer.